Subscription to the full report on a daily basis can be obtained:
Send an eMail to dhsdailyadmin@mail.dhs.osis.gov with the subject "DHS Daily Open Source Infrastructure Report" and the following line in the body...subscribe.
To obtain a complete copy of the current report proceed to the DHS link below.
To obtain reports more than 10 business days old, send an eMail to DHS_Reports@e-computer-security.com. Be specific as to the reports you wish to receive.

Daily Report Wednesday, February 14, 2007

Daily Highlights

GovExec reports the hard drive missing from an Alabama Veterans Affairs Department facility last month contained highly sensitive information on nearly all U.S. physicians and medical data for about 535,000 Veterans Affairs patients. (See item 8)·The Associated Press reports snow, freezing rain and plunging temperatures on Tuesday, February 13, created problems for travelers across the Midwest with canceled flights as well as cars and tractor−trailer rigs sliding off highways; Chicago's O'Hare International Airport canceled more than 400 flights. (See item 14)·The Associated Press reports the 18−year−old gunman who opened fire on shoppers in the Trolley Square shopping mall, killing five and wounding four others before police fatally shot him, was armed with several rounds of ammunition and was carrying two guns. (See item 31)

Information Technology and Telecommunications Sector26.February 13, Reuters— China detains six over 'panda' computer virus. China has detained six men in their 20s for writing or profiting from a computer virus dubbed the "joss−stick burning panda," which has infected over a million PCs in the country. The worm wreaked havoc among individual and corporate users in China in a late 2006 outbreak, deleting files, damaging programs and attacking Web portals. Chinese media have said that the worm was able to steal account names of online gamers and instant messengers, which are hotly traded with real money in China's cyberspace. Police held Li Jun, 25, a native of Wuhan city in central China, who wrote the virus in October and had earned more than $12,890 by selling it to about 120 people, the Beijing News said. The other five, from three different provinces, were detained for updating and spreading the virus or for profiting from the stolen account names.Source: http://www.eweek.com/article2/0,1895,2094418,00.asp

27.February 13, IDG News Service— T−Mobile: VoIP will have no major impact. Don't expect new mobile phone services based on the Internet Protocol to become nearly as prevalent as those running over PCs. That's the view of Hamid Akhavan, CEO of T−Mobile International. Voice over Internet Protocol, or VoIP, services provided over mobile phone networks will have "far less impact" than those offered over fixed−line networks, Akhavan said Tuesday, February 13, on the sidelines of a news conference at the 3GSM conference in Barcelona. "There are all sorts of technical issues that make mobile VoIP services difficult to implement," he said. Technical issues related to how networks pass on IP addresses of mobile users have not been completely resolved, he noted. "Take reachability, for example: How can the call come to me?" Akhavan also said emergency phone service and "always on" connectivity are also big issues, since staying online takes up bandwidth on pricey mobile networks. And then there's price: "When people talk about VOIP, they think free," Akhavan said. "With any mobile service provided over the Internet, you're going to need to buy a data package."Source: http://www.infoworld.com/article/07/02/13/HNvoipnoimpact_1.h tml

28.February 12, IDG News Service— U.S. Government readying massive cybersecurity test. The Department of Homeland Security (DHS) is planning a large−scale test of the nation's response to a cyberattack to be held in early 2008. The test will be a follow−up to the February 2006 Cyber Storm test, which was billed as the largest−ever U.S. government online attack simulation. Cyber Storm 2 will be conducted in March 2008, said Gregory Garcia, assistant secretary for cyber security and telecommunications with DHS, speaking at the RSA Conference in San Francisco last week. Like the first Cyber Storm, this exercise will evaluate the ability of the public and private sector to provide a coordinated response to a large−scale cyber event, he said. The second Cyber Storm test, which is in the planning stages right now, will include a greater number of participants than its predecessor. In particular, the number of international participants will be increased.Source: http://www.infoworld.com/article/07/02/12/HNcyberstorm2_1.ht ml

29.February 12, ComputerWorld— Spam, viruses, botnets: Can the Internet be saved? Advances in IT over the decades have come mostly in small increments. That kind of evolutionary approach has served users well, boosting speeds, capacities and application capabilities by many orders of magnitude. But such incremental improvements are no longer sufficient to keep the Internet viable, according to a growing number of researchers. In fact, they say, the Internet is at the tipping point of overwhelming abuse and complexity. The most sanguine of observers say that even if the Internet is able to avoid some kind of digital Armageddon brought on by spammers, hackers, phishers and cyberterrorists, it nevertheless will drown in a flood of mobile gadgets, interactive multimedia applications and Internet−enabled devices. And it isn’t just a problem of security and reliability, says Nick McKeown, a computer scientist at Stanford University; the Internet is getting crushed by complexity. He points out that the original Internet design was based on the idea that users were immobile and connected to the Net by wires.Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=279934&intsrc=hm_ts_head

30.February 12, ComputerWorld— 'Storm Trojan' spreading via IM, attacking rival malware. The Trojan horse that pumped up spam volumes in January is at it again, researchers said Monday, February 12, and is now spreading over instant messaging and engaging in attacks on rival malware. Symantec Corp. researchers said that the "Storm Trojan," aka "Peacomm," is now spreading via AOL Instant Messenger (AIM), Google Talk and Yahoo Messenger. An alert to some Symantec customers pegged the new infection vector as "insidious" because the message and the included URL can be dynamically updated by the attacker. Even worse, according to Alfred Huger, senior director of Symantec's security response team, "it injects a message and URL only into already−open windows. It's not just some random message that pops up, but it appears only to people [you are] already talking to. That makes the approach very effective." Moreover, the server from which the malware is downloaded to the victim's PC can be quickly changed by the attacker using the Trojan's peer−to−peer control channel.Source: http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9011146&intsrc=hm_list

Links

About Me

U.S. Army Retired Chief Warrant Officer with more than 40 years in information technology and 35 years in information security. Became a Certified Information Systems Security Professional in 1995 and have taught computer security in Asia, Canada and the United States. Wrote a computer security column for 5 years in the 1980s titled "for the Sake Of Security", penname R. E. (Bob) Johnston, which was published in Computer Decisions.
Motto: "When entrusted to process, you are obligated to safeguard"